Router

Purpose

A Router object is used to represent a gateway between Networks. A Router with no Firewall connected to it is regarded as a network bridge or a switch/hub. To add restrictions to it, add a Firewall object. A Router must be connected to an administrative network zone, which defines the network zone the administrator needs to be connected to in order to change the Router configuration.

Connections

| Object | Connection | Description | Function |
|---|---|---|---|
| Network | Administration | Tells which network you need to be on in order to perform administration on the Router. | A missing Router between Networks indicates that there is no communication between them. |
| Network | Connection | Using Connection instead of Administration allows only regular traffic, i.e. Dataflows pass if allowed; logging in to the Router is not possible. | A missing Router between Networks indicates that there is no communication between them. |
| Firewall | Firewall Execution | The Firewall object is connected to a Router object to show that the Router has restrictions regarding what communication may traverse it. | Can prevent Forwarding. |
| Dataflow | Communication | An association to a Dataflow object indicates that the Router is allowing the Dataflow to travel from one Network to another Network. | A missing Dataflow association prevents data from passing through the Router when the Router is connected to a Firewall. |
| IDS | NIDS Execution | Connection to an IDS denotes that the traffic passing through the Router is inspected by an IDS on a network level (NIDS). | A missing IDS will reduce the time needed to attack through unencrypted Dataflows. |
| IPS | IPS Execution | A connection to an IPS denotes that the IPS is actively trying to prevent intrusions via all unencrypted Dataflows passing through the Router. | A missing IDS will reduce the time needed to attack through unencrypted Dataflows. |
| AccessControl | Authorization | Denotes that there is a login prompt for accessing the Router. | The login prompt is reached from a Network connected to the Router with an Administration association. Both root and non-root UserAccount compromise lead to compromise of the Router. A missing AccessControl will result in immediate compromise from the "administration" network. |

Attack Steps and Defenses

| Attack Step | Description | Leads to |
|---|---|---|
| Compromise | The attacker has been able to take over the Router and can now control it. | Router: DenialOfService; Network: Compromise; Dataflow: Access; Firewall: Compromise |
| DenialOfService | No data can flow through the Router due to a denial of service attack. | Network: DenialOfService |
| Forwarding | The attacker is able to add his own rules to the Router. | Network: Compromise |

| Defence | Description | Default |
|---|---|---|
| None | There are no defences associated with the Router object. | n/a |
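The connection rules and the attack-step table above, encoded as a small evaluator. This is an added example, not code from the tool this page documents; the `Router` fields, the `forwards`, `closure` and `reachable_steps` functions and the `compromised_accounts` parameter are assumptions made here to illustrate the stated semantics.

```python
from dataclasses import dataclass, field

# Outgoing edges of the Router's attack steps, taken from the "Leads to" column.
LEADS_TO = {
    "Router.Compromise": {"Router.DenialOfService", "Network.Compromise",
                          "Dataflow.Access", "Firewall.Compromise"},
    "Router.DenialOfService": {"Network.DenialOfService"},
    "Router.Forwarding": {"Network.Compromise"},
}

@dataclass
class Router:
    admin_net: str                      # Network attached with an Administration association
    firewall: bool = False              # a Firewall object is attached to the Router
    allowed_flows: set = field(default_factory=set)  # Dataflows with a Communication association
    access_control: bool = False        # an AccessControl object provides a login prompt

def forwards(router: Router, flow: str) -> bool:
    """Without a Firewall the Router is a bridge and every Dataflow passes.
    With a Firewall, only Dataflows associated with the Router pass."""
    return not router.firewall or flow in router.allowed_flows

def closure(start: set) -> set:
    """Follow the Leads-to edges transitively from the given attack steps."""
    seen, todo = set(), list(start)
    while todo:
        step = todo.pop()
        if step not in seen:
            seen.add(step)
            todo.extend(LEADS_TO.get(step, ()))
    return seen

def reachable_steps(router: Router, attacker_net: str, compromised_accounts: int = 0) -> set:
    """Attack steps an attacker positioned on attacker_net reaches on this Router.
    Missing AccessControl: immediate Compromise from the administration network.
    With AccessControl: any compromised UserAccount (root or not) yields Compromise."""
    if attacker_net != router.admin_net:
        return set()   # Connection-only networks can pass Dataflows but cannot log in
    if router.access_control and compromised_accounts == 0:
        return set()   # login prompt present and no account to use it with
    return closure({"Router.Compromise"})
```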
